To All:
Please smack me for my fat-finger typos. I changed the -up brace (holds the hand up at 32 degrees) for a forearm brace and I can type more easily, but still have the fat-finger typos.
Mea culpa.
To All:
Please smack me for my fat-finger typos. I changed the -up brace (holds the hand up at 32 degrees) for a forearm brace and I can type more easily, but still have the fat-finger typos.
Mea culpa.
Real looking? Boy are they ever. They even use the PayPal logo, and Amazon, and e-bay, etc, on the e-mails. It is easy to see how some people are tricked. I might have been, except that two years ago, when I got my first fraudulant e-mail from PayPal, I had just checked my account balance online, then went to my mail box and found the e-mail saying that my account was over drawn. I am sure that I would have clicked on that link in a panic had I not just been to my account.Originally Posted by Dan Klimek
Since then I have had fraudulant e-mails supposedly from ATT, Qwest and several banks that I don't even do business with.
It is a nasty world out there, and that is one of the reasons I have become a PI, to try to help clean it up a little.
Vicki,
It is a scary world out there. The forged email cons are GOOD. The Nigerian cons could take a lesson from them.
I think that the real difference is the mindset of the perpetrators. The Nigerian cons were originally from Nigeria and had a mediocre command of English. The forged email cons do not have to worry about the language; they simply copy material from legitimate websites and emails.
The federal credit union email that I mentioned a few posts ago was real. But it was so childish in its presentation - I thought it was from someone who did not read or write English or that it was from a grade school child.
The credit union should have let its members know that it had a website - and then hired a professional to manage it and the email traffic from the site.
I just got one today from "service@Payploul.com," which redirected me to a mock Paypal page that asked me for my email address and password (the latter of which Paypal NEVER, EVER requests), followed by my credit card number, pin number and bank name. The page is designed to look like a Paypal page, but it was a pretty lame attempt since some of the graphic links were dead. Hope this helps some people on the lookout.
Thank you for the info. I knew about most of them but did not know that IPIU could be one too!
Greetings Everyone, nice to see you all here, I hope you're all well and doing fine.
Adam, thanks for the heads-up on that one but I'm curious to know if you actually Clicked on the link? if no, good for you, but if you did, well, not to scare you to much but when you recieve Emails that you don't know who there from or you never subscribe to thier service don't Click on them because (1) - you're telling them you have a valid email address) so use caution on any ad that tells you to Click its link,
Don't be afraid to call pay-pal and inquire if you're unsure. be very careful on the coming day/months/years.
Have a great day.
I receive these emails all the time and I have spoken with PayPal, they gave me an email address to forward any (Paypal) emails to them to prove originality.
They will inform you if the email was legit or not.
Hi Everyone. I as well have been receiving alot of the PayPal & Ebay emails lately. Follow the link below for more information from PayPal on how to protect yourself from fraudulent emails
http://www.paypal.com/cgi-bin/webscr...ySpoof-outside
Greetings Everyone, its nice to see you all here safe and in good health.
Tracy, good job! Luke, thanks for the link, keep up the good work.
Be alert and stay safe.
Have a great day.
Originally Posted by Michael Harris
Dear M1cha3L:
I f0rgot t0 nag you 1n a w33k to find out y0ur r3sults...?
S0rry - I am suff3ring a bit of brain-damage.
What were they? No, there are NO typos in this post!
M/
aka
Melanie
Melanie,Originally Posted by Melanie Kozik
They actually do have a website - a bit primitive, but real. They would have done better to announce the website in their print newsletter.
It is so unfortunate that in todays world there are so many crooks out there. I am particularly annoyed with the fake bank E-mails but more so the "Representive needed" ones now. I recieved an E-mail from a "Childrens non-profit Organization" in the UK which had the web link etc attached. I began a conversation with several people via E-mail and phone in an attempt to become "employed" by them. To make a long story short...I eventually recieved 5 money orders for over $2500 which I had to cash on their behalf and keep 10% as salary. Needless to say I smelt a rat early on and took the money orders and all E-mail correspondence down to the local PD. A report was made and they photo-copied the money orders and correspondence and generally said there was nothing they could do with the evidence, I also had saved all phone messeges that I had recieved from these crooks. The money orders are so professional that you honestly think they are totally real-even the retailers like Wal-Mart etc can't tell the difference, and cash them for the person. The CID told me that it was good that I didn't cash any of the freudulent money orders as they now come after the people who cash them. I can understand how poorer people would cash them as they need the money but unfortunately don't understand the trouble they will find themselves in. I still possess those items and did have those crooks telling me that they would come after me through various "government and law enforcement bodies", I certainly don't believe them and neither do the police. If anyone obtains these types of offers etc they can forward them onto the Internet Crime Complaint Center (IC3). If you wish to send in your complaint or have any additional information to provide to the IC3, please use the following link
http://complaint.ic3.gov
Heather,
The bad guys are getting smarter. They used to target only the greedy and then they switched to the soft-hearted.
Thanks for the link to IC3.
Thanks for the info.
Great info Heather, thanks!
Thanks Michael et al for your replies. I just wish the PD could do more to help the "little guy" and catch these rouges. Seems that even when you present perfectly good evidence with E-mail identities and computer ISP addresses the police still are clueless to help either because of the lack of man power and resources (Thanks Michael for that clear-up earlier). - Same old story. Real sad in this day and age when you think about it...
Oh just one more thought on the Bank etc E-mails. If you ever find a request to log in because of "Your account has been blocked" or "You must log in to re-verify your account" NEVER click on the link on that E-mail. Even if I recieve an E-mail (which I know is from my bank) I still don't click on any bank E-mail links. I revert back to the original web page of my Banks every time, if they want information or have a messege it will be in there when I log in. I personally always send all of my banks a copy of the freudulent E-mail for their files.
Heather,
I always try to forward the email to spoof@nameofbank.com. I know that PayPal has a spoof email address. Sometimes I use multiple addresses - service, support, abuse, etc. Some banks and financial organizations use one or all of these for collecting these malicious emails.
Watch out for the Secret shopper 00000 too, i recieved one in the mail not too long ago and even had a check for over two grand, but it was not real, if i would have cashed that check and then two or three days later it bounce I would be legally binded and responsible for the total amount. watch out ya'll
Richard,Originally Posted by Richard Rigby
With the checks and money orders, you simply go to your bank and have them verify it. They probably see dozens every week, but they can confirm if it is valid. Then you send it to the police or FBI or Secret Service. It varies from locale to locale. I understand that the Secret Service (formed to investigate financial fraud) are ultimately responsible, but in my state, the Newark, NJ FBI do all the hard work.
To All:
I found this in my email today. Usually, I do not forward these, but I did check this one out. Even if no one has done this, it is a serious threat.
New Credit Card 0000
Snopes.com says this is true. See this site – http://www.snopes.com/crime/warnings/cr editcard.asp
This one is pretty slick since they provide YOU with all the information, except the one piece they want.
Note, the callers do not ask for your card number; they already have it. This information is worth reading. By understanding how the VISA & MasterCard Telephone Credit Card 0000 works, you'll be better prepared to protect yourself.
One of our employees was called on Wednesday from 'VISA', and I was called on Thursday from 'Master Card'. The 0000 works like this: Caller: 'This is (name), and I'm calling from the Security and Fraud Department at VISA. My Badge number is 12460. Your card has been flagged for an unusual purchase pattern, and I'm calling to verify. This would be on your VISA card which was issued by (name of bank). Did you purchase an Anti-Telemarketing Device for $497.99 from a Marketing company based in Arizona?'
When you say 'No', the caller continues with, 'Then we will be issuing a credit to your account. This is a company we have been watching and the charges range from $297 to $497, just under the $500 purchase pattern that flags most cards. Before your next statement, the credit will be sent to (gives you your address), is that correct?'
You say 'yes'. The caller continues - 'I will be starting a Fraud investigation. If you have any questions, you should call the 1- 800 number listed on the back of your card (1-800-VISA) and ask for Security.'
You will need to refer to this Control Number. The caller then gives you a 6 digit number. 'Do you need me to read it again?'
Here's the IMPORTANT part on how the 0000 works. The caller then says, 'I need to verify you are in possession of your card'. He'll ask you to 'turn your card over and look for some numbers'. There are 7 numbers; the first 4 are part of your card number, the next 3 are the security Numbers that verify you are the possessor of the card. These are the numbers you sometimes use to make Internet purchases to prove you have the card. The caller will ask you to read the 3 numbers to him. After you tell the caller the 3 numbers, he'll say, 'That is correct, I just needed to verify that the card has not been lost or stolen, and that you still have your card. Do you have any other questions?' After you say No, the caller then thanks you and states, 'Don't hesitate to call back if you do', and hangs up.
You actually say very little, and they never ask for or tell you the Card number. But after we were called on Wednesday, we called back within 20 minutes to ask a question. Are we glad we did! The REAL VISA Security Department told us it was a 0000 and in the last 15 minutes a new purchase of $497.99 was charged to our card.
Long story - short - we made a real fraud report and closed the VISA account VISA is reissuing us a new number. What the scammers want is the 3-digit PIN number on the back of the card. Don't give it to them. Instead, tell them you'll call VISA or Master card directly for verification of their conversation. The real VISA told us that they will never ask for anything on the card as they already know the information since they issued the card! If you give the scammers your 3 Digit PIN Number, you think you're receiving a credit. However, by the time you get your statement you'll see charges for purchases you didn't make, and by then it's almost too late and/or more difficult to actually file a fraud report.
What makes this more remarkable is that on Thursday, I got a call from a 'Jason Richardson of Master Card' with a word-for-word repeat of the VISA 0000. This time I didn't let him finish. I hung up! We filed a police report, as instructed by VISA. The police said they are taking several of these reports daily! They also urged us to tell everybody we know that this 0000 is happening.
Hey Michael.
****! These guys know exactly what they're doing. Thanks so much for your alert today.
Here's another 0000: I have an email purporting to be from the IRS. They say that I am owed a refund of taxes or something like that on a Visa or Mastercard. They have a link to click on. The "From" entry is refund@irs.gov. I do not click on the link, since it's most likely a costly error. This kind of message usually winds up in my SPAM folder. I just delete it. If you know what I'm talking about, Michael, feel free to post. I appreciate your information.
Johnny
Johnny,
I have received those IRS.gov - you have a refund - messages.
The bad guys are getting bold. On the other hand, if I get 12 eBay or PayPal messages a day, am I going to fall for it?
Wow Michael this is really scary and I hope I can hold out by not giving any information out via telephone. I'm so so so so, glad that you posted this information Michael, as in the past I have gotten real security alerts from various CC companies and I was usually very trusting of these types of calls. I think that it's time to re-verify every call, E-mail and normal mail by re-calling those numbers etc which we know to be the correct information before giving them the time of day.
When I think about how many people they could have already 0000000 using this method makes me so angry. Is there anything sacred anymore!!!!
Heather,
I have Internet access to all my accounts - credit cards, banks, credit unions, PayPal, etc. I check these often. I actually check my primary bank accounts daily.
Most reputable financial institutions have dispute links that are easy to use. Some do it by Internet and some by phone. Keep checking your accounts and do not give any information over the phone unless you make the call.
Michael, I appreciate all your good advice on all of these forums and understand that no-one is safe and that everyone is a potential target these days. I do keep a daily check on all my accounts aswell. You mentioned before that you were instructed by the CC company to file a police report. Even with these reports the police aren't very powerful in stopping these thieves.
Greetings IPIU members, I hope you're all having a great day, do stay safe this holiday season.
Michael, thanks for sharing.
Have a great day.
JoI
Guys & Gals - I am not sure at all where to post this but I think it is pretty dern important.
I just received a *bounced* email in which my agency email address is being USED to Send Spam!
I got it because the persons email box was full so it bounced back to ME because it is MY agency email address used to send the spam (it is for Viagra).
Answers please! I rarely, maybe twice have even used this address and so I am very curious to know HOW this is happening; is anyone else having spam sent BY their agency email address????
Read the following:
http://www.cert.org/tech_tips/email_spoofing.html
OK - that is all fine and dandy - but I have not been ticked into anything - I am quite savy to this type of thing--and as I have No Control over the agency email addresses there is nothing I can DO to prevent this as I can with those that are Under My Control.
- Use cryptographic signatures (e.g., PGP "Pretty Good Privacy" or other encryption technologies) to exchange authenticated email messages. Authenticated email provides a mechanism for ensuring that messages are from whom they appear to be, as well as ensuring that the message has not been altered in transit. Similarly, sites may wish to consider enabling SSL/TLS in their mail transfer software. Using certificates in this manner increases the amount of authentication performed when sending mail.
- Configure your mail delivery daemon to prevent someone from directly connecting to your SMTP port to send spoofed email to other sites.
- Ensure that your mail delivery daemon allows logging and is configured to provide sufficient logging to assist you in tracking the origin of spoofed email.
- Consider a single point of entry for email to your site. You can implement this by configuring your firewall so that SMTP connections from outside your firewall must go through a central mail hub. This will provide you with centralized logging, which may assist in detecting the origin of mail spoofing attempts to your site.
- Educate your users about your site's policies and procedures in order to prevent them from being "social engineered," or tricked, into disclosing sensitive information (such as passwords). Have your users report any such activities to the appropriate system administrator(s) as soon as possible. See also CERT advisory CA-1991-04, available from
- http://www.cert.org/advisories/CA-1991-04.social.engineering.html
In any event, after reading this - is what you are trying to tell me is that it has nothing to do with the Union and everything to do with Me?
Or am I mis-understanding?
Robert,
Thanks for the link. It was most interesting. I think it answers Melanie's question nicely.
Again, if you read the full page of the link that Robert gave you there are a couple of sections worth reading, including a reporting mechanism.
Another good set of Google Results is here:
http://www.google.com/search?hl=en&q=spoofed+email
It has nothing to do with the union or you! It is an inherent risk that anytime you email someone or your email address is advertised anywhere on the internet or anyone gives out your email address, that it can end up being spoofed by spammers.In any event, after reading this - is what you are trying to tell me is that it has nothing to do with the Union and everything to do with Me?
Even if you requested a new email address, it will probably get out and become spoofed too.
This is one of the reasons why IPIU and other web sites have gone to a CONTACT PAGE where an unknown person has to type in an Image Verification to send a message (email) to the site. You may wish to look into adding a Contact Page for your website too.
Donna Reagan
Licensed Private Investigator
DHS Certified
START WITH TRUST
When you see the Better Business Bureau Seal, it means the
International Private Investigators Union (IPIU) has agreed to:
TELL THE TRUTH, KEEP ITS PROMISES, BE RESPONSIVE
www.ipiu.org | IPIU Web Store
Official BBB Accreditation Link | Contact IPIU
Founded in 1989 - Celebrating our 32nd Year Serving 48,373 Members
CONTACT LINK HERE TO JOIN IPIU
Thanks for the info. In the past I too have received this type of e-mail . So far, I have had the luck to suspect a bad e-mail and deleted them. I didn't know to scroll over the link with the mouse to check for the address. You learn something new everyday ! Again Thanks.
Hi Michael and all: Thanks for the input. My experience is : Company calls asking me if I use VISA (which i do), then says I am entitled to prize. He has my card #, wants to confirm last 4 digits of card.
Dont know if this was legitamate or not, but i dont give info on phone calls.
I recieve emails form PayPal and E-Bay all the time. I just delete them. I too keep track of my accounts and know when these are not real. Thanks for al the info.